A maliciously crafted RFA file, when converted to FormIt via “Convert RFA to FormIt” in Autodesk Revit, can force a NULL Pointer Dereference vulnerability. Successful exploitation may cause the application to crash, leading to a denial-of-service condition.
The product dereferences a pointer that it expects to be valid but is NULL.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Revit | Autodesk | 2024 (including) | 2024.3.5 (excluding) |
| Revit | Autodesk | 2025 (including) | 2025.4.5 (excluding) |
| Revit | Autodesk | 2026 (including) | 2026.4.1 (excluding) |
| Revit | Autodesk | 2027 (including) | 2027.1 (excluding) |